$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29bedfc3-5012-48c2-8699-377e478d8269.roa File: 29bedfc3-5012-48c2-8699-377e478d8269.roa (raw, json) Hash identifier: ZZ1t3Xxu6Q8zF6XisjtWCYgPLEaGNE2JLwyuUPc55Qc= Subject key identifier: 1B:53:C0:2F:7A:80:37:49:E9:7C:E0:08:0F:BC:BC:F4:76:CA:0D:99 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E983CBAB7046B949B5BFFA08BAB14625109E931 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29bedfc3-5012-48c2-8699-377e478d8269.roa Signing time: Tue 10 Jun 2025 15:12:13 +0000 ROA not before: Tue 10 Jun 2025 15:12:13 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:98:3c:ba:b7:04:6b:94:9b:5b:ff:a0:8b:ab:14:62:51:09:e9:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:12:13 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=55f6bee87eb06fc4c318031bd89c2c13f0e2d192d474b34f56ada16b4290148d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ec:76:75:2a:fb:0e:28:bd:75:4d:75:d5:7a: 4f:3e:68:98:c2:65:76:88:a5:6c:5a:c4:85:26:c4: 2a:e2:5b:13:cf:06:b1:d3:5d:c4:9e:79:3f:9d:29: d9:be:4f:a8:11:2c:44:77:c6:05:dc:73:b9:73:56: 6b:ae:83:f2:cf:6b:a3:ef:af:40:73:31:60:a5:a0: 01:f5:24:7b:4b:0a:d5:c4:e7:c0:1f:aa:e3:5e:d4: 6a:74:14:84:d0:1f:d0:e9:04:12:c5:f0:a7:93:c3: 22:60:72:18:5a:d6:59:a6:ae:d8:ab:17:d2:66:fb: 76:72:49:65:26:09:41:f3:da:ba:d9:26:1c:eb:59: ef:3c:8d:2b:1a:4b:ba:49:7e:22:10:0c:ed:f3:8a: 88:9a:ee:68:9d:99:f7:56:20:fb:08:1f:1a:a6:63: 5c:66:4c:26:8d:02:b0:7e:d9:d4:87:ae:6b:a8:e3: 9d:90:08:35:8a:02:13:cf:81:a7:ff:2e:f4:02:cd: 16:0f:5b:d5:f1:82:d9:c1:8e:97:77:16:b4:25:82: 86:af:b7:10:2a:3c:5e:3e:78:e1:1f:7e:d1:2e:f1: ee:2f:8c:16:2f:e0:92:ea:f5:57:78:31:54:b6:57: 7f:27:82:71:c4:15:88:62:2e:51:03:0a:d1:34:7a: 58:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:53:C0:2F:7A:80:37:49:E9:7C:E0:08:0F:BC:BC:F4:76:CA:0D:99 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29bedfc3-5012-48c2-8699-377e478d8269.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:1000::/40 Signature Algorithm: sha256WithRSAEncryption b0:1a:ae:f2:d8:80:87:db:fb:0b:71:2b:e7:8e:95:cb:13:72: 22:49:9f:cb:53:cd:25:f8:91:70:89:81:73:46:58:26:6b:cc: 97:31:a6:75:a7:e7:18:f4:e9:40:d6:c6:26:6d:87:45:5e:6a: 91:54:36:6a:79:1a:1f:25:c8:1b:93:ee:28:a8:e8:66:f3:ef: e3:b3:e3:af:ee:10:fd:23:e6:e1:1b:a4:ea:9c:f2:cd:48:c4: b3:a1:b5:46:64:d4:9d:5f:47:bc:9d:25:f8:94:97:c3:ae:39: e0:cb:e5:a4:ec:ed:dd:2a:ac:c0:a2:63:aa:dc:51:0c:67:5b: f7:e7:e0:91:8c:fb:14:d1:72:7f:2c:d8:c2:4f:27:52:5d:a4: 0e:f8:9c:aa:91:2b:d9:4c:8a:e3:17:55:2b:4b:d2:39:93:ca: a8:dd:41:c8:79:06:91:5d:ba:25:63:1e:2a:a7:be:94:d6:44: d6:e1:65:23:b6:ea:ef:3e:aa:c9:82:6d:cd:d1:7e:05:34:cb: 5d:1c:c5:22:8f:7a:99:20:1c:3c:95:8e:03:9f:7e:c4:92:28: 19:14:95:d6:2f:40:3e:ff:15:f7:61:6a:42:9e:56:59:68:ed: 17:96:8f:da:e4:61:c9:45:5a:5a:e3:1d:34:ab:ac:4c:62:47: 3e:64:0e:ed -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHpg8urcEa5SbW/+gi6sUYlEJ6TEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTIxM1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNANTVmNmJlZTg3ZWIwNmZjNGMzMTgw MzFiZDg5YzJjMTNmMGUyZDE5MmQ0NzRiMzRmNTZhZGExNmI0MjkwMTQ4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ox2dSr7Dii9dU111XpPPmiYwmV2 iKVsWsSFJsQq4lsTzwax013Ennk/nSnZvk+oESxEd8YF3HO5c1ZrroPyz2uj769A czFgpaAB9SR7SwrVxOfAH6rjXtRqdBSE0B/Q6QQSxfCnk8MiYHIYWtZZpq7YqxfS Zvt2ckllJglB89q62SYc61nvPI0rGku6SX4iEAzt84qImu5onZn3ViD7CB8apmNc ZkwmjQKwftnUh65rqOOdkAg1igITz4Gn/y70As0WD1vV8YLZwY6Xdxa0JYKGr7cQ KjxePnjhH37RLvHuL4wWL+CS6vVXeDFUtld/J4JxxBWIYi5RAwrRNHpY4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBtTwC96gDdJ6XzgCA+8vPR2yg2ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI5YmVkZmMzLTUwMTItNDhjMi04Njk5LTM3N2U0NzhkODI2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNhAwDQYJKoZIhvcNAQELBQADggEBALAarvLYgIfb+wtxK+eO lcsTciJJn8tTzSX4kXCJgXNGWCZrzJcxpnWn5xj06UDWxiZth0VeapFUNmp5Gh8l yBuT7iio6Gbz7+Oz46/uEP0j5uEbpOqc8s1IxLOhtUZk1J1fR7ydJfiUl8OuOeDL 5aTs7d0qrMCiY6rcUQxnW/fn4JGM+xTRcn8s2MJPJ1JdpA74nKqRK9lMiuMXVStL 0jmTyqjdQch5BpFduiVjHiqnvpTWRNbhZSO26u8+qsmCbc3RfgU0y10cxSKPepkg HDyVjgOffsSSKBkUldYvQD7/FfdhakKeVllo7ReWj9rkYclFWlrjHTSrrExiRz5k Du0= -----END CERTIFICATE-----Generated at Sat Jun 14 06:45:38 2025 by rpki-client